Security in Context: The BeyondTrust Blog


5 steps to securing the small business (that don’t cost a penny)

Posted May 1, 2013    Andy Clark

For many small businesses, constraints on both budget and personnel can make implementing good security practice feel like an insurmountable challenge. Recent news gives us a constant reminder of the threats we all face from hacktivists, electronic espionage, and good old-fashioned script kiddies out to cause damage. These threats are very real, and it makes good business sense to reduce your attack surface as much as possible. However, picking the right solution can become a daunting task, especially because of the heavy impact these solutions (and their implementation) can have on already tight margins. With that in mind, here are five steps that any business can take to improve security, without spending a penny.

1. Configuration

Let’s start with the basics. Configuring an environment is not simply a matter of plugging everything together and letting it run. By making changes and implementing best practice on your network, operating systems, and applications, you can significantly reduce your attack surface. BeyondTrust Research has produced a white paper, In Configuration We Trust, that includes guidance on implementing some of these changes. To make life that little bit easier, we’ve also produced a free tool that helps you assess your environment for some of the common configuration issues. Both of these free resources are available for download here.

2. Vulnerability Management

All systems have vulnerabilities. There, I said it. Sadly, this is a product of both human error and human ingenuity. The combination of mistakes made by developers and the increasing ingenuity of the hacker community has led to an inexorable rise in the number of exploitable vulnerabilities that are discovered and announced. Black market exploit tool kits are making it almost childishly simple for attackers to discover and exploit weaknesses in existing systems. It is every organization’s responsibility to keep its environment secure, but to do this you need to know what holes exist. Vulnerability management is a great step towards achieving this goal. Retina CS Community edition is a free vulnerability management solution that can scan up to 256 assets and identify any vulnerabilities in configuration, operating system, and installed applications. The solution covers not just servers and desktops but also databases, web applications, and mobile devices. It also includes data on known exploits in the wild. Knowledge is power; go get some. Download Retina CS Community Free Now.

3. IDS

An Intrusion Detection System is one of those things that many organizations think they should have but never really understand. The solution is designed to track all of the network traffic in and out of your organization and highlight those instances that may be evidence of an attack. Network-based appliances can be very expensive, but there is an excellent open source alternative. Developed by Sourcefire, Snort® is an open source network intrusion prevention and detection system (IDS/IPS). Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS. All that is required is a system to host it. Snort can be found here.

4. Antivirus

There are many, many antivirus solutions available and they all have their pros and cons. Since we’re going for free here, there are a couple of options to consider. Assuming you’re running a Microsoft Windows platform, you will have access to Microsoft’s Security Essentials. It’s by no means the best of the bunch, but since it comes pre-installed it’s very easy to get started with. If you’re looking for something that has more advanced protection, then may I suggest the rather excellent Avast free antivirus, which can be found here. One thing to consider is that most malware attacks are looking to leverage elevated privileges, so by removing these you can decrease your vulnerability surface area considerably. BeyondTrust’s PowerBroker for Windows solution snaps into your existing Active Directory structure and allows you to elevate applications and processes at a very granular level, effectively removing administrator rights throughout your organization. For more information about PowerBroker for Windows and to begin a free trial, visit us here.
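One free way to see how far administrator rights have spread on a Windows machine, as an added example that is not from the original post or from BeyondTrust: it parses the output of the built-in `net localgroup Administrators` command and lists members outside an allow-list. The allow-list, the `CORP` domain and the account names are constructed for illustration, and the parser assumes English-locale output.

```python
"""Audit local Administrators membership from `net localgroup Administrators` output."""
import subprocess

# Hypothetical allow-list: the only principals this business intends to be local admins.
ALLOWED_ADMINS = {"administrator", r"corp\domain admins"}

# Constructed sample of `net localgroup Administrators` output (English-locale Windows).
SAMPLE_OUTPUT = """\
Alias name     Administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
CORP\\Domain Admins
CORP\\jsmith
reception
The command completed successfully.

"""


def parse_members(output):
    """Return the member names listed between the dashed rule and the status line."""
    members, in_list = [], False
    for line in output.splitlines():
        line = line.strip()
        if not in_list:
            # Everything before the dashed rule is header text, not membership.
            in_list = line.startswith("-----")
            continue
        if not line or line.startswith("The command completed"):
            break
        members.append(line)
    return members


def unexpected_admins(members, allowed=ALLOWED_ADMINS):
    """Members not on the allow-list; comparison is case-insensitive like Windows names."""
    return [m for m in members if m.lower() not in allowed]


def audit_this_host():
    """Run the real command (Windows only) and return accounts that need review."""
    result = subprocess.run(["net", "localgroup", "Administrators"],
                            capture_output=True, text=True, check=True)
    return unexpected_admins(parse_members(result.stdout))


if __name__ == "__main__":
    for account in unexpected_admins(parse_members(SAMPLE_OUTPUT)):
        print("review local admin rights for:", account)
```

On a real workstation, call `audit_this_host()` instead of using the sample; every name it returns is an account whose day-to-day work should be checked against whether it actually needs administrator rights.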

5. Education

All of the solutions I have described above are designed to mitigate risk from a technical perspective and are all very capable of doing so. However, they cannot entirely protect you from the threat of social engineering. Phishing attacks are on the rise, and these can be either very broad in scope or highly targeted against individuals. The value of an educated workforce that understands the risks should not be underestimated. Whether it’s a bored office junior browsing the wrong websites or a CEO receiving individually crafted malicious emails, an understanding of the inherent risks of data leakage can greatly improve your response to attacks. Security-aware cultures are not created overnight, and it will take time and effort on everyone’s part to achieve one. This dedication is always worth the investment. To help make your program a success, SANS has some excellent free resources here.
